NIS2 & DORA Compliance

Regulatory triage for vulnerability prioritization – classification based on existing CVE data

Regulatory Triage ICT Providers
NIS2 Relevant
535
DORA Relevant
159
Internet-Facing
376
Third-Party ICT
159
Unpatched
249
Exploited
41
Framework:
Period:
Sort:
CVE-2026-33804
@fastify/middie versions 9.3.1 and earlier are vulnerable to middleware bypass when the deprecated Fastify ignoreDuplicateSlashes option is enabled. The middleware path matching logic does not account
NIS2 Edge exposure
Why flagged?
NIS2 Relevant
  • HIGH severity
  • Internet-facing technique: authentication-bypass
  • Strong evidence (KEV / high EPSS / multi-source)
7.4
CVSS 3.1
37
Priority
CVE-2026-32631
Git for Windows is the Windows port of Git. Versions prior to 2.53.0.windows.3 do not have protections that prevent attackers from obtaining a user's NTLM hash. The NTLM hash can be obtained by tricki
Why flagged?
7.4
CVSS 3.1
0.1%
EPSS
37
Priority
CVE-2026-33667
OpenProject is an open-source project management application. In versions prior to 17.3.0, 2FA OTP verification in the confirm_otp action of the two_factor_authentication module has no rate limiting,
NIS2 Edge exposure Management plane
Why flagged?
NIS2 Relevant
  • HIGH severity
  • Internet-facing technique: authentication-bypass
  • Management plane (Improper Restriction of Auth Attempts)
  • Strong evidence (KEV / high EPSS / multi-source)
7.4
CVSS 3.1
0.0%
EPSS
37
Priority
CVE-2026-32156
Local code execution in Windows Universal Plug and Play (UPnP) Device Host across all supported Windows 10, 11, and Server versions allows unauthenticated attackers to achieve high-impact compromise via use-after-free memory corruption. The vulnerability affects Windows 10 versions 1607 through 22H2, Windows 11 versions 22H3 through 26H1, and Windows Server 2012 through 2025 (including Server Core installations). Despite requiring local access and high attack complexity (CVSS:3.1/AV:L/AC:H), the
NIS2 DORA ICT dependency Microsoft Windows
Why flagged?
NIS2 Relevant
  • HIGH severity
  • Third-party ICT: Microsoft Windows
  • Strong evidence (KEV / high EPSS / multi-source)
DORA Relevant
  • HIGH severity
  • ICT provider: Microsoft Windows (Operating Systems)
7.4
CVSS 3.1
0.0%
EPSS
37
Priority
CVE-2026-2450
Misconfigured .NET impersonation in upKeeper Instant Privilege Access through version 1.5.0 enables authenticated remote attackers to hijack privileged execution threads, leading to high confidentiality and integrity impact on underlying system resources. The vulnerability requires low-level privileges and presents network-based attack vector with high complexity. No public exploit identified at time of analysis, and CISA SSVC framework classifies this as non-automatable with partial technical impact. EPSS data not available for risk quantification.
No patch available
Why flagged?
7.4
CVSS 4.0
0.0%
EPSS
37
Priority
CVE-2026-4158
Local privilege escalation in KeePassXC password manager allows authenticated attackers with low privileges to execute arbitrary code by exploiting insecure OpenSSL configuration file loading. When a target user launches KeePassXC, malicious configuration planted in an unsecured path is loaded, enabling code execution in KeePassXC's security context. Attack requires user interaction and prior low-privileged access. CVSS 7.3 (AV:L/AC:L/PR:L/UI:R). No public exploit identified at time of analysis.
NIS2 Edge exposure No patch available
Why flagged?
NIS2 Relevant
  • HIGH severity
  • Internet-facing technique: rce
  • No patch available
  • Strong evidence (KEV / high EPSS / multi-source)
7.3
CVSS 3.0
0.0%
EPSS
37
Priority
CVE-2026-36948
SQL injection in Sourcecodester Online Thesis Archiving System v1.0's /otas/view_archive.php endpoint allows remote unauthenticated attackers to manipulate database queries, potentially extracting sensitive thesis data, authentication credentials, or modifying database contents. No public exploit identified at time of analysis, with minimal observed exploitation probability (EPSS 0.01%, 2nd percentile). The vulnerability affects a PHP-based academic archiving platform with limited deployment footprint.
NIS2 Edge exposure No patch available
Why flagged?
NIS2 Relevant
  • HIGH severity
  • Internet-facing (CWE-89: SQL Injection)
  • No patch available
  • Strong evidence (KEV / high EPSS / multi-source)
7.3
CVSS 3.1
0.0%
EPSS
37
Priority
CVE-2026-34856
Use-after-free in Huawei HarmonyOS communication module allows local attackers to cause denial of service and potentially disclose information without authentication. The vulnerability stems from a race condition (CWE-362) enabling memory corruption with high availability impact. EPSS data not available; no public exploit identified at time of analysis. Vendor has released security bulletin with remediation guidance.
No patch available
Why flagged?
7.3
CVSS 3.1
0.0%
EPSS
37
Priority
CVE-2026-23772
Local privilege escalation in Dell Storage Manager - Replay Manager for Microsoft Servers 8.0 allows low-privileged authenticated users to gain elevated privileges with high integrity and availability impact. Dell has released security advisory DSA-2026-058 with patches. The CVSS 7.3 (High) score reflects significant post-exploitation impact, though local access and existing authentication requirements limit initial attack surface. No active exploitation (CISA KEV) or public proof-of-concept code identified at time of analysis.
NIS2 DORA ICT dependency Management plane Dell
Why flagged?
NIS2 Relevant
  • HIGH severity
  • Third-party ICT: Dell
  • Management plane (Improper Privilege Management)
  • Strong evidence (KEV / high EPSS / multi-source)
DORA Relevant
  • HIGH severity
  • ICT provider: Dell (Hardware & Firmware)
  • Authentication / access control weakness
7.3
CVSS 3.1
0.0%
EPSS
37
Priority
CVE-2026-30616
Jaaz 1.0.30 contains a remote code execution vulnerability in its MCP STDIO command execution handling. A remote attacker can send crafted network requests to the network-accessible Jaaz application,
NIS2 Edge exposure No patch available
Why flagged?
NIS2 Relevant
  • HIGH severity
  • Internet-facing (CWE-77: Command Injection)
  • No patch available
  • Moderate evidence (PoC / elevated EPSS)
7.3
CVSS 3.1
0.1%
EPSS
36
Priority
CVE-2026-4667
HP System Optimizer might potentially be vulnerable to escalation of privilege. HP is releasing an update to mitigate this potential vulnerability.
NIS2 DORA ICT dependency Management plane HPE
Why flagged?
NIS2 Relevant
  • HIGH severity
  • Third-party ICT: HPE
  • Management plane (Execution with Unnecessary Privileges)
  • Strong evidence (KEV / high EPSS / multi-source)
DORA Relevant
  • HIGH severity
  • ICT provider: HPE (Hardware & Firmware)
  • Authentication / access control weakness
7.3
CVSS 4.0
0.0%
EPSS
36
Priority
CVE-2026-37337
SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/view_playlist.php.
NIS2 Edge exposure No patch available
Why flagged?
NIS2 Relevant
  • HIGH severity
  • Internet-facing (CWE-89: SQL Injection)
  • No patch available
  • Strong evidence (KEV / high EPSS / multi-source)
7.3
CVSS 3.1
36
Priority
CVE-2026-37336
SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/view_music.php.
NIS2 Edge exposure No patch available
Why flagged?
NIS2 Relevant
  • HIGH severity
  • Internet-facing (CWE-89: SQL Injection)
  • No patch available
  • Strong evidence (KEV / high EPSS / multi-source)
7.3
CVSS 3.1
36
Priority
CVE-2026-33021
Use-after-free in libsixel 1.8.7 and earlier enables local attackers to crash applications or execute arbitrary code via crafted SIXEL image frames. The vulnerability occurs when sixel_encoder_encode_bytes() processes resize operations that free caller-owned pixel buffers, creating dangling pointers exploitable through repeated, predictable frame manipulation. EPSS data not available; no confirmed active exploitation (not in CISA KEV), but the technical details suggest reliable exploitation potential for local privilege escalation or RCE scenarios.
NIS2 Edge exposure
Why flagged?
NIS2 Relevant
  • HIGH severity
  • Internet-facing technique: rce
  • Moderate evidence (PoC / elevated EPSS)
7.3
CVSS 3.1
0.0%
EPSS
36
Priority
CVE-2026-6384
A flaw was found in gimp. This buffer overflow vulnerability in the GIF image loading component's `ReadJeffsImage` function allows an attacker to write beyond an allocated buffer by processing a speci
NIS2 Edge exposure No patch available
Why flagged?
NIS2 Relevant
  • HIGH severity
  • Internet-facing technique: rce
  • No patch available
  • Moderate evidence (PoC / elevated EPSS)
7.3
CVSS 3.1
0.0%
EPSS
36
Priority
CVE-2026-41082
In OCaml opam before 2.5.1, a .install field containing a destination filepath can use ../ to reach a parent directory.
Why flagged?
7.3
CVSS 3.1
36
Priority
CVE-2026-32149
Windows Hyper-V local privilege escalation via improper input validation (CWE-20) enables authenticated low-privilege attackers with user interaction to execute arbitrary code with high confidentiality, integrity, and availability impact across Windows 10 (versions 1607-22H2), Windows 11 (versions 22H3-26H1), and Windows Server (2016-2025). Microsoft released patches addressing the vulnerability with EPSS exploitation probability data not available; no public exploit identified at time of analys
NIS2 DORA Edge exposure ICT dependency Microsoft Windows
Why flagged?
NIS2 Relevant
  • HIGH severity
  • Internet-facing (CWE-20: Improper Input Validation)
  • Third-party ICT: Microsoft Windows
  • Strong evidence (KEV / high EPSS / multi-source)
DORA Relevant
  • HIGH severity
  • ICT provider: Microsoft Windows (Operating Systems)
7.3
CVSS 3.1
0.1%
EPSS
36
Priority
CVE-2026-40688
Out-of-bounds write in FortiWeb administrative interface enables authenticated remote code execution on web application firewall appliances. Affects FortiWeb 7.4.0-7.4.11, 7.6.0-7.6.6, and 8.0.0-8.0.3. CVSS 7.2 indicates high-privilege authenticated network attack with low complexity. No public exploit identified at time of analysis, though the incomplete advisory description ('<insert attack vector here>') suggests disclosure may be pending or sanitized. Memory corruption class (CWE-787) typically enables arbitrary code execution, confirmed by CVSS impact ratings (High C/I/A). EPSS data not available for risk probability assessment.
NIS2 DORA ICT dependency No patch available Fortinet
Why flagged?
NIS2 Relevant
  • HIGH severity
  • Third-party ICT: Fortinet
  • No patch available
  • Strong evidence (KEV / high EPSS / multi-source)
DORA Relevant
  • HIGH severity
  • ICT provider: Fortinet (Network & Security)
  • No remediation available
7.2
CVSS 3.1
0.4%
EPSS
36
Priority
CVE-2026-6227
Local file inclusion in BackWPup WordPress plugin versions ≤5.6.6 allows authenticated administrators to read sensitive configuration files or achieve remote code execution via path traversal bypass in the `/wp-json/backwpup/v1/getblock` REST endpoint. The vulnerability stems from insufficient sanitization using non-recursive `str_replace()`, enabling crafted sequences like `....//` to bypass filtering. While requiring high privileges (PR:H), the plugin's permission delegation feature allows administrators to grant backup management rights to lower-privileged users, expanding the attack surface. No public exploit or active exploitation (CISA KEV) confirmed at time of analysis, though CVSS 7.2 reflects high confidentiality, integrity, and availability impact.
NIS2 Edge exposure No patch available
Why flagged?
NIS2 Relevant
  • HIGH severity
  • Internet-facing (CWE-22: Path Traversal)
  • No patch available
  • Strong evidence (KEV / high EPSS / multi-source)
7.2
CVSS 3.1
0.3%
EPSS
36
Priority
CVE-2026-39387
Local File Inclusion in BoidCMS versions prior to 2.1.3 enables authenticated administrators to execute arbitrary PHP code via path traversal in the tpl parameter combined with file upload. The vulnerability chains unsanitized require_once() inclusion with media upload functionality, allowing attackers to upload malicious files and force their execution with web server privileges. Vendor-released patch available in version 2.1.3. CVSS 7.2 reflects high-privilege requirement (administrator access), but exploitation complexity is low once authenticated. No CISA KEV listing or public exploit code identified at time of analysis.
NIS2 Edge exposure No patch available
Why flagged?
NIS2 Relevant
  • HIGH severity
  • Internet-facing (CWE-98: Improper Control of Filename (LFI/RFI))
  • No patch available
  • Moderate evidence (PoC / elevated EPSS)
7.2
CVSS 3.1
0.2%
EPSS
36
Priority
CVE-2026-3643
Stored XSS in Accessibly WordPress plugin (≤3.0.3) allows unauthenticated attackers to inject malicious JavaScript executed by all site visitors via unprotected REST API endpoints. Two endpoints (/otm-ac/v1/update-widget-options and /otm-ac/v1/update-app-config) lack authentication checks (permission_callback set to __return_true), enabling attackers to modify the widgetSrc option with a URL pointing to attacker-controlled scripts. The malicious URL is stored unsanitized in WordPress options and
NIS2 Edge exposure No patch available
Why flagged?
NIS2 Relevant
  • HIGH severity
  • Internet-facing (CWE-79: Cross-site Scripting (XSS))
  • No patch available
  • Strong evidence (KEV / high EPSS / multi-source)
7.2
CVSS 3.1
0.1%
EPSS
36
Priority
CVE-2026-5217
Unauthenticated stored XSS in Optimole WordPress plugin (≤4.2.2) allows attackers to inject malicious scripts via the srcset descriptor parameter in the /wp-json/optimole/v1/optimizations REST endpoint. Despite HMAC signature validation, authentication tokens are exposed in frontend HTML, enabling exploitation. Injected payloads persist in WordPress options table via transients and execute when victim browsers render affected pages. No public exploit identified at time of analysis.
NIS2 Edge exposure No patch available
Why flagged?
NIS2 Relevant
  • HIGH severity
  • Internet-facing (CWE-79: Cross-site Scripting (XSS))
  • No patch available
  • Strong evidence (KEV / high EPSS / multi-source)
7.2
CVSS 3.1
0.1%
EPSS
36
Priority
CVE-2026-4388
Stored Cross-Site Scripting in Form Maker by 10Web WordPress plugin (versions ≤1.15.40) allows unauthenticated attackers to inject malicious JavaScript through Matrix field submissions that executes when administrators view submission details. The vulnerability stems from inadequate sanitization (sanitize_text_field removes tags but preserves quotes) and missing output escaping in the admin Submissions view. With CVSS 7.2 (High) and network-based attack vector requiring no privileges or user int
NIS2 Edge exposure No patch available
Why flagged?
NIS2 Relevant
  • HIGH severity
  • Internet-facing (CWE-79: Cross-site Scripting (XSS))
  • No patch available
  • Strong evidence (KEV / high EPSS / multi-source)
7.2
CVSS 3.1
0.1%
EPSS
36
Priority
CVE-2026-2834
Stored Cross-Site Scripting in Token of Trust WordPress plugin versions ≤3.32.3 allows unauthenticated remote attackers to inject malicious scripts via the unsanitized 'description' parameter, achieving persistent code execution in victim browsers with changed security context (CVSS scope changed). CVSS 7.2 with network attack vector and no authentication required. No public exploit identified at time of analysis, but EPSS data not provided to assess exploitation probability.
NIS2 Edge exposure No patch available
Why flagged?
NIS2 Relevant
  • HIGH severity
  • Internet-facing (CWE-79: Cross-site Scripting (XSS))
  • No patch available
  • Strong evidence (KEV / high EPSS / multi-source)
7.2
CVSS 3.1
0.1%
EPSS
36
Priority
CVE-2026-5694
Stored Cross-Site Scripting in Quick Interest Slider plugin for WordPress (versions ≤3.1.5) allows unauthenticated remote attackers to inject malicious scripts via unsanitized 'loan-amount' and 'loan-period' parameters. Injected scripts execute in victim browsers when accessing compromised pages, enabling session hijacking, credential theft, or malicious redirects. CVSS 7.2 with network-accessible, low-complexity attack vector (AV:N/AC:L/PR:N) and scope change (S:C) indicates significant cross-tenant impact. No public exploit identified at time of analysis, though exploitation requires minimal technical sophistication due to unauthenticated attack surface.
NIS2 Edge exposure No patch available
Why flagged?
NIS2 Relevant
  • HIGH severity
  • Internet-facing (CWE-79: Cross-site Scripting (XSS))
  • No patch available
  • Strong evidence (KEV / high EPSS / multi-source)
7.2
CVSS 3.1
0.1%
EPSS
36
Priority
Prev Page 21 of 25 (612 CVEs) Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy